def __get_encryption_service(self, domain_home):
"""
Get the encryption service for the specified domain.
:param domain_home: the domain home directory
:return: the encryption service
:raises: EncryptionException: if an error occurs getting the WebLogic encryption services
"""
_method_name = '__get_encryption_service'
system_ini = SerializedSystemIni.getEncryptionService(domain_home)
if system_ini is None:
ex = exception_helper.create_encryption_exception('WLSDPLY-01740')
self.logger.throwing(ex,
class_name=self._class_name,
method_name=_method_name)
raise ex
encryption_service = ClearOrEncryptedService(system_ini)
if encryption_service is None:
ex = exception_helper.create_encryption_exception('WLSDPLY-01741')
self.logger.throwing(ex,
class_name=self._class_name,
method_name=_method_name)
raise ex
return encryption_service
def _initialize_password_field_names():
"""
Initialize the password field names structure.
:raises: EncryptionException: if an error occurs while loading and parsing the password field names file
"""
global _password_field_names
_method_name = '_initialize_password_field_names'
if _password_field_names is None:
password_field_names_stream = FileUtils.getResourceAsStream(_password_field_names_file)
if password_field_names_stream is None:
ex = exception_helper.create_encryption_exception('WLSDPLY-04100', _password_field_names_file)
_logger.throwing(ex, class_name=_class_name, method_name=_method_name)
raise ex
try:
password_field_names_dict = \
JsonStreamTranslator(_password_field_names_file, password_field_names_stream).parse()
except JsonException, je:
ex = exception_helper.create_encryption_exception('WLSDPLY-04101', _password_field_names_file,
je.getLocalizedMessage(), error=je)
_logger.throwing(ex, class_name=_class_name, method_name=_method_name)
raise ex
if password_field_names_dict is not None and 'passwordFieldNames' in password_field_names_dict:
_password_field_names = password_field_names_dict['passwordFieldNames']
else:
ex = exception_helper.create_encryption_exception('WLSDPLY-04102', _password_field_names_file)
_logger.throwing(ex, class_name=_class_name, method_name=_method_name)
raise ex
def __process_args(args):
"""
Process the command-line arguments and prompt the user for any missing information
:param args: the command-line arguments list
:raises CLAException: if an error occurs while validating and processing the command-line arguments
"""
_method_name = '__process_args'
cla_util = CommandLineArgUtil(_program_name, __required_arguments,
__optional_arguments)
required_arg_map, optional_arg_map = cla_util.process_args(args)
__verify_required_args_present(required_arg_map)
__validate_mode_args(optional_arg_map)
__process_passphrase_arg(optional_arg_map)
#
# Prompt for the password to encrypt if the -manual switch was specified
#
if CommandLineArgUtil.ENCRYPT_MANUAL_SWITCH in optional_arg_map and \
CommandLineArgUtil.ONE_PASS_SWITCH not in optional_arg_map:
try:
pwd = getcreds.getpass('WLSDPLY-04200')
except IOException, ioe:
ex = exception_helper.create_encryption_exception(
'WLSDPLY-04201', ioe.getLocalizedMessage(), error=ioe)
__logger.throwing(ex,
class_name=_class_name,
method_name=_method_name)
raise ex
optional_arg_map[CommandLineArgUtil.ONE_PASS_SWITCH] = String(pwd)
def __process_passphrase_arg(optional_arg_map):
"""
Prompt for the passphrase.
:param optional_arg_map: the optional arguments map
:raises CLAException: if an error occurs reading the passphrase input from the user
"""
_method_name = '__process_passphrase_arg'
if CommandLineArgUtil.PASSPHRASE_SWITCH not in optional_arg_map:
got_matching_passphrases = False
while not got_matching_passphrases:
try:
passphrase = getcreds.getpass('WLSDPLY-04203')
passphrase2 = getcreds.getpass('WLSDPLY-04204')
except IOException, ioe:
ex = exception_helper.create_encryption_exception(
'WLSDPLY-04205', ioe.getLocalizedMessage(), error=ioe)
__logger.throwing(ex,
class_name=_class_name,
method_name=_method_name)
raise ex
if passphrase == passphrase2:
got_matching_passphrases = True
optional_arg_map[
CommandLineArgUtil.PASSPHRASE_SWITCH] = String(passphrase)
def _encrypt_variable_value(self, folder_name, field_name, var_name):
"""
Encrypt the variable value, and replace it in the variable set.
:param folder_name: text describing the folder location, used for logging
:param field_name: the attribute name
:param var_name: the variable name
:return: the number of variable changes
"""
_method_name = '_encrypt_variable_value'
# if variables file was not specified, don't try to encrypt
if self.variables is None:
return
# Do not encrypt already encrypted to match model encryption: Don't encrypt encrypted value
if var_name in self.variables:
var_value = self.variables[var_name]
if len(var_value) > 0:
# don't encrypt an already encrypted variable. Matches logic in model
if EncryptionUtils.isEncryptedString(var_value):
self._logger.fine('WLSDPLY-04109', folder_name, field_name, var_name)
return
encrypted_value = EncryptionUtils.encryptString(var_value, String(self.passphrase).toCharArray())
self.variables[var_name] = encrypted_value
self.variable_changes += 1
self._logger.fine('WLSDPLY-04106', folder_name, field_name, var_name,
class_name=self._class_name, method_name=_method_name)
else:
ex = exception_helper.create_encryption_exception('WLSDPLY-04107', var_name, field_name, folder_name)
self._logger.throwing(ex, class_name=self._class_name, method_name=_method_name)
raise ex
def _encrypt_variable_value(passphrase, dict_name, field_name, var_name, variables):
"""
Encrypt the variable value.
:param passphrase: the encryption passphrase
:param dict_name: the model element name
:param field_name: the attribute name
:param var_name: the variable name
:param variables: the variables
:return: the number of variable changes
"""
_method_name = '_encrypt_variable_value'
variable_changes = 0
if variables is None:
return variable_changes
if var_name in variables:
var_value = variables[var_name]
if len(var_value) > 0:
encrypted_value = EncryptionUtils.encryptString(var_value, String(passphrase).toCharArray())
variables[var_name] = encrypted_value
_logger.fine('WLSDPLY-04106', dict_name, field_name, var_name,
class_name=_class_name, method_name=_method_name)
variable_changes = 1
else:
ex = exception_helper.create_encryption_exception('WLSDPLY-04107', var_name, field_name, dict_name)
_logger.throwing(ex, class_name=_class_name, method_name=_method_name)
raise ex
return variable_changes
def _encrypt_variable_value(self, folder_name, field_name, var_name):
"""
Encrypt the variable value, and replace it in the variable set.
:param folder_name: text describing the folder location, used for logging
:param field_name: the attribute name
:param var_name: the variable name
:return: the number of variable changes
"""
_method_name = '_encrypt_variable_value'
# if variables file was not specified, don't try to encrypt
if self.variables is None:
return
# this variable may have been encrypted for another attribute
if var_name in self.variables_changed:
return
if var_name in self.variables:
var_value = self.variables[var_name]
if len(var_value) > 0:
encrypted_value = EncryptionUtils.encryptString(
var_value,
String(self.passphrase).toCharArray())
self.variables[var_name] = encrypted_value
self.variables_changed.append(var_name)
self._logger.fine('WLSDPLY-04106',
folder_name,
field_name,
var_name,
class_name=self._class_name,
method_name=_method_name)
else:
ex = exception_helper.create_encryption_exception(
'WLSDPLY-04107', var_name, field_name, folder_name)
self._logger.throwing(ex,
class_name=self._class_name,
method_name=_method_name)
raise ex
